Meta Box

Google reCaptcha V3 - Backend Verification?

Support MB User Profile Google reCaptcha V3 - Backend Verification?

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • August 20, 2025 at 6:36 PM #48780
    CodogCodog
    Participant

    Hi There,
    I use the MB User Profile Login & Registration forms on a site. I also use Google ReCaptcha V3 on these forms to mitigate against bots. My Site Key and Secret Key are defined as constants in my wp-config.php and called as variables to the shortcode forms. There are no errors present in my debug.log or Console relating to this setup. All has been working fine for a number of months. However, I have recently received an email from my Google Cloud Console stating....

    ..." You aren't protected.
    We have seen 33 unprotected events from your site because your setup is incomplete. It's likely that you have missed the step: verify the reCAPTCHA token, because reCAPTCHA has not received any token verification requests from your site backend. Please return to your reCAPTCHA console now for a step-by-step guide that will walk you through the final steps."....

    I assumed that the backend verification was handled by your plugin?

    What might be the likely causes of this warning?

    Cheers

    August 20, 2025 at 7:14 PM #48781
    CodogCodog
    Participant

    .... Q) Does the MB AIO plugin support ReCaptcha on MB User Profile Login Forms? When adding some debug logging to verify reCaptcha requests on the login form... I get nothing. On the Registration Form I see the reCaptcha request.

    Can you confirm?

    Cheers

    August 21, 2025 at 8:59 PM #48796
    PeterPeter
    Moderator

    Hello Leo,

    Thanks for reaching out.

    Yes, the plugin MB AIO supports reCaptcha on the user profile forms. Can you please let me know how you add the key to the form? And share the page URL where you display the form, I will help you check the issue.

    August 21, 2025 at 9:23 PM #48799
    CodogCodog
    Participant

    Hi Peter,
    thanks for getting back to me and confirming. So to clarify how the keys are added:

    // Google reCAPTCHA keys
$login_site_key = defined('GRC_LOGIN_SITE_KEY') ? GRC_LOGIN_SITE_KEY : ''; 
$login_secret_key = defined('GRC_LOGIN_SECRET_KEY') ? GRC_LOGIN_SECRET_KEY : '';

// Login Shortcode
echo do_shortcode('[mb_user_profile_login label_username="Email" label_title="Login" ajax="true" value_remember="true" recaptcha_key="'.$login_site_key.'" recaptcha_secret="'.$login_secret_key.'" redirect="'.$return_url.'"]');

    I use the same methodology on other MB User Profile Forms. I have also double checked and verified the login keys are correct.

    Page where login can be viewed: https://wordpress.build/client-login/

    I look forward to your feedback.

    Cheers

    I ha

    August 22, 2025 at 9:30 PM #48808
    PeterPeter
    Moderator

    Hello,

    I check your client login page and see the reCaptcha is working well, don't see any issues with it. Can you please contact Google reCaptcha support and ask them to provide more information?

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.